The notorious ransomware gang LockBit has claimed responsibility for a cyberattack targeting India’s state-owned aerospace research lab.
On Wednesday, LockBit added the National Aerospace Laboratories (NAL) to its dark web leak site, which ransomware gangs use to extort victims for ransom payments. The group threatened to publish the organization’s stolen data if it fails to pay an unspecified ransom, according to the listing seen by TechCrunch.
LockBit posted eight purportedly stolen documents, including confidential letters, an employee’s passport and other internal documents.
At the time of publication NAL’s website was down across the world. It is unclear if the website outage was due to the claimed ransomware attack.
NAL and India’s Computer Emergency Response Team (CERT-In) did not immediately respond to requests for comment.
Set up in 1959, the NAL is India’s first and largest aerospace research organization. It is owned by the Indian Government’s Council of Scientific and Industrial Research, led by the prime minister, and works closely with other government entities, including the Indian Space Research Organisation and Defence Research and Development Organisation.
For the past few months, LockBit has hacked some of the world’s most renowned companies. Some of its most recent victims include Taiwanese chipmaker TSMC, British postal service and courier company Royal Mail and pharma giant Granules India. It also targeted Los Angeles’ housing authority and California’s finance department in recent years.